fumiama/paper-manager
1
0
Fork 0
mirror of https://github.com/fumiama/paper-manager.git synced 2026-06-05 07:50:23 +08:00
Code Activity

finish upload avatar

Browse Source
This commit is contained in:
源文雨
2023-03-18 00:25:19 +08:00
parent cd571e9e25
commit a072cfe1cf
18 changed files with 268 additions and 72 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
backend/file/provider.go → backend/api/file.go
View File

@@ -1,26 +1,27 @@
package file
package api
import (
"net/http"
"strings"
"github.com/fumiama/paper-manager/backend/global"
"github.com/fumiama/paper-manager/backend/utils"
"github.com/sirupsen/logrus"
)
// Handler serves contents in global.FileFolder
func Handler(w http.ResponseWriter, r *http.Request) {
// FileHandler serves contents in global.FileFolder
func FileHandler(w http.ResponseWriter, r *http.Request) {
if !utils.IsMethod("GET", w, r) {
return
}
i := strings.LastIndex(r.URL.Path, "/")
fn := r.URL.Path[i+1:]
if r.URL.Path[0] != '/' {
r.URL.Path = "/" + r.URL.Path
}
fn := r.URL.Path[6:]
if fn == "" {
http.Error(w, "400 Bad Request: empty path", http.StatusBadRequest)
return
}
name := global.FileFolder + fn
logrus.Infoln("[file.Handler]\t serve", name)
logrus.Infoln("[file.FileHandler] serve", name)
http.ServeFile(w, r, name)
}

5
backend/api/login.go
View File

@@ -52,9 +52,12 @@ func getLoginSalt(username string) (*saltinfo, error) {
return nil, errNoSuchUser
}
s, _ := loginstatus.Load(username)
if s != loginStatusNo {
if s == loginStatusYes {
return nil, errInvalidLoginStatus
}
if s >= loginStatusFailLast {
return nil, errTooManyFailedLogins
}
salt := loginsalts.Get(username)
if salt.count != nil {
if atomic.AddUintptr(salt.count, 1) >= maxSaltCount {

17
backend/api/main.go
View File

@@ -9,13 +9,16 @@ import (
// Handler serves all backend /api call
func Handler(w http.ResponseWriter, r *http.Request) {
if r.URL.Path[0] != '/' {
r.URL.Path = "/" + r.URL.Path
}
if r.URL.Path == "/api/getLoginSalt" {
if !utils.IsMethod("GET", w, r) {
return
}
username := r.URL.Query().Get("username")
if username == "" {
http.Error(w, "400 Bad Request: empty username", http.StatusBadRequest)
writeresult(w, codeError, nil, "empty username", typeError)
return
}
salt, err := getLoginSalt(username)
@@ -58,6 +61,18 @@ func Handler(w http.ResponseWriter, r *http.Request) {
writeresult(w, codeSuccess, r, messageOk, typeSuccess)
return
}
if r.URL.Path == "/api/logout" {
if !utils.IsMethod("GET", w, r) {
return
}
err := logout(r.Header.Get("Authorization"))
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, nil, messageOk, typeSuccess)
return
}
if !utils.IsMethod("GET", w, r) {
return
}

98
backend/api/upload.go Normal file
View File

@@ -0,0 +1,98 @@
package api
import (
"bytes"
"io"
"net/http"
"os"
"strconv"
"strings"
"github.com/fumiama/imgsz"
"github.com/sirupsen/logrus"
"github.com/fumiama/paper-manager/backend/global"
"github.com/fumiama/paper-manager/backend/utils"
)
type upload struct {
Message string `json:"message"`
Code int `json:"code"`
URL string `json:"url"`
}
// UploadHandler receives uploaded files
func UploadHandler(w http.ResponseWriter, r *http.Request) {
if !utils.IsMethod("POST", w, r) {
return
}
token := r.Header.Get("Authorization")
user := usertokens.Get(token)
if user == nil {
writeresult(w, codeError, nil, errInvalidToken.Error(), typeError)
return
}
ff, h, err := r.FormFile("avatar")
if err == nil {
defer ff.Close()
ct := h.Header.Get("Content-Type")
un := h.Filename
logrus.Infoln("[file.UploadHandler] receive avatar, username:", un, "& mime:", ct)
if !strings.HasPrefix(ct, "image/") {
writeresult(w, codeError, nil, "invalid mimetype", typeError)
return
}
if un != user.Name {
writeresult(w, codeError, nil, "username mismatch", typeError)
return
}
err = os.MkdirAll(global.FileFolder+strconv.Itoa(*user.ID), 0755)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
buf := bytes.NewBuffer(make([]byte, 0, h.Size))
_, err := io.Copy(buf, ff)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
data := buf.Bytes()
_, format, err := imgsz.DecodeSize(buf)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
userf := global.FileFolder + strconv.Itoa(*user.ID) + "/"
err = os.MkdirAll(userf, 0755)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
avf := userf + "avatar." + format
err = os.WriteFile(avf, data, 0644)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
err = global.UserDB.UpdateUserInfo(*user.ID, "", avf[6:], "")
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, &upload{
Message: messageOk,
Code: codeSuccess,
URL: avf[6:],
}, messageOk, typeSuccess)
user.Avtr = avf[6:]
usertokens.Set(token, user)
logrus.Infoln("[file.UploadHandler] save avatar to", avf[6:])
return
}
if err != http.ErrMissingFile {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
}

34
backend/api/user.go
View File

@@ -2,10 +2,16 @@ package api
import (
"errors"
"strings"
"time"
"github.com/fumiama/paper-manager/backend/global"
)
const (
chineseDateLayout = "2006年01月02日15时04分05秒"
)
var (
errInvalidToken = errors.New("invalid token")
)
@@ -18,6 +24,9 @@ type getUserInfoResult struct {
Desc string `json:"desc"`
HomePath string `json:"homePath"`
Roles []role `json:"roles"`
Date string `json:"date"`
Last string `json:"last"`
Contact string `json:"contact"`
}
func getUserInfo(token string) (*getUserInfoResult, error) {
@@ -25,6 +34,16 @@ func getUserInfo(token string) (*getUserInfoResult, error) {
if user == nil {
return nil, errInvalidToken
}
cont := user.Cont
if len(cont) > 7 {
sb := strings.Builder{}
sb.WriteString(cont[:3])
for i := 0; i < len(cont)-7; i++ {
sb.WriteByte('*')
}
sb.WriteString(cont[len(cont)-4:])
cont = sb.String()
}
return &getUserInfoResult{
UserID: *user.ID,
Username: user.Name,
@@ -37,6 +56,19 @@ func getUserInfo(token string) (*getUserInfoResult, error) {
}
return "/dashboard/workbench"
}(),
Roles: []role{{RoleName: user.Role.Nick(), Value: user.Role.String()}},
Roles: []role{{RoleName: user.Role.Nick(), Value: user.Role.String()}},
Date: time.Unix(user.Date, 0).Format(chineseDateLayout),
Last: time.Unix(user.Last, 0).Format(chineseDateLayout),
Contact: cont,
}, nil
}
func logout(token string) error {
user := usertokens.Get(token)
if user == nil {
return errInvalidToken
}
loginstatus.Delete(user.Name)
usertokens.Delete(token)
return nil
}

2
backend/global/base.go
View File

@@ -22,7 +22,7 @@ func init() {
func initdir(folder string) {
err := os.MkdirAll(folder, 0755)
if err != nil {
logrus.Errorln("[os.MkdirAll]\t", err)
logrus.Errorln("[os.MkdirAll]", err)
os.Exit(line())
}
}

49
backend/global/user.go
View File

@@ -56,6 +56,7 @@ var (
ErrEmptyUserID = errors.New("empty user ID")
ErrEmptyContect = errors.New("empty contact")
ErrUsernameExists = errors.New("username exists")
ErrInvalidName = errors.New("invalid name")
)
func init() {
@@ -88,7 +89,7 @@ func init() {
Cont: "028-61830156",
Desc: "日は山の端にかかりぬ",
}, "系统")
logrus.Warn("[global.user] 初次启动, 创建初始账户 fumiama 密码 123456")
logrus.Warn("[user] 初次启动, 创建初始账户 fumiama 密码 123456")
}
}
@@ -121,6 +122,11 @@ func (u *UserDatabase) AddUser(user *User, opname string) error {
if u.IsNameExists(user.Name) {
return ErrUsernameExists
}
for _, c := range user.Name {
if !(c >= '0' && c <= '9') && !(c >= 'A' && c <= 'Z') && !(c >= 'a' && c <= 'z') {
return ErrInvalidName
}
}
user.Date = time.Now().Unix()
user.Last = user.Date
_ = u.notifyUserAdded(opname, user.Name)
@@ -146,7 +152,7 @@ func (u *UserDatabase) UpdateUserInfo(id int, nick, avtr, desc string) error {
}
u.mu.Lock()
defer u.mu.Unlock()
return u.db.Insert(UserTableUser, user)
return u.db.Insert(UserTableUser, &user)
}
// UpdateUserRole ...
@@ -161,7 +167,7 @@ func (u *UserDatabase) UpdateUserRole(id int, nr UserRole) error {
user.Role = nr
u.mu.Lock()
defer u.mu.Unlock()
return u.db.Insert(UserTableUser, user)
return u.db.Insert(UserTableUser, &user)
}
// UpdateUserPassword ...
@@ -178,7 +184,7 @@ func (u *UserDatabase) UpdateUserPassword(id int, npwd string) error {
_ = u.notifyPasswordChange(user.Name, npwd)
u.mu.Lock()
defer u.mu.Unlock()
return u.db.Insert(UserTableUser, user)
return u.db.Insert(UserTableUser, &user)
}
// UpdateUserContact ...
@@ -194,12 +200,18 @@ func (u *UserDatabase) UpdateUserContact(id int, ncont string) error {
_ = u.notifyContactChange(user.Name, ncont)
u.mu.Lock()
defer u.mu.Unlock()
return u.db.Insert(UserTableUser, user)
return u.db.Insert(UserTableUser, &user)
}
// GetUserByName avoids sql injection by removing ; ' " =
func (u *UserDatabase) GetUserByName(username string) (user User, err error) {
username = strings.NewReplacer(";", "", "'", "", `"`, "", "=", "").Replace(username)
for _, c := range username {
if !(c >= '0' && c <= '9') && !(c >= 'A' && c <= 'Z') && !(c >= 'a' && c <= 'z') {
err = ErrInvalidName
return
}
}
u.mu.RLock()
err = u.db.Find(UserTableUser, &user, "WHERE Name='"+username+"'")
u.mu.RUnlock()
@@ -209,6 +221,11 @@ func (u *UserDatabase) GetUserByName(username string) (user User, err error) {
// IsNameExists avoids sql injection by removing ; ' " =
func (u *UserDatabase) IsNameExists(username string) bool {
username = strings.NewReplacer(";", "", "'", "", `"`, "", "=", "").Replace(username)
for _, c := range username {
if !(c >= '0' && c <= '9') && !(c >= 'A' && c <= 'Z') && !(c >= 'a' && c <= 'z') {
return false
}
}
u.mu.RLock()
defer u.mu.RUnlock()
return u.db.CanFind(UserTableUser, "WHERE Name='"+username+"'")
@@ -265,6 +282,21 @@ func (u *UserDatabase) GetSuperIDs() (ids []int, err error) {
return
}
// IsUser checks if token is valid for a user
func (user *User) IsUser() bool {
return user.Role == RoleUser || user.Role == RoleFileManager || user.Role == RoleSuper
}
// IsFileManager checks if token is valid for a filemgr
func (user *User) IsFileManager() bool {
return user.Role == RoleFileManager || user.Role == RoleSuper
}
// IsSuper checks if token is valid for a super
func (user *User) IsSuper() bool {
return user.Role == RoleSuper
}
// Message is shown in the workbench
type Message struct {
ID *int
@@ -282,7 +314,7 @@ func (u *UserDatabase) SendMessage(m *Message) error {
m.Date = time.Now().Unix()
u.mu.Lock()
defer u.mu.Unlock()
return u.db.InsertUnique(UserTableMessage, &m)
return u.db.InsertUnique(UserTableMessage, m)
}
// NotifyRegister will send register notification to all supers
@@ -290,6 +322,11 @@ func (u *UserDatabase) NotifyRegister(name, cont, pswd string) error {
if name == "" {
return ErrEmptyName
}
for _, c := range name {
if !(c >= '0' && c <= '9') && !(c >= 'A' && c <= 'Z') && !(c >= 'a' && c <= 'z') {
return ErrInvalidName
}
}
if pswd == "" {
return ErrEmptyPassword
}

2
backend/utils/method.go
View File

@@ -18,7 +18,7 @@ func IP(r *http.Request) string {
// IsMethod check if the method meets the requirement
// and response 405 Method Not Allowed if not matched
func IsMethod(m string, w http.ResponseWriter, r *http.Request) bool {
logrus.Infoln("[utils.IsMethod]\t accept", IP(r), r.Method, r.URL)
logrus.Infoln("[utils.IsMethod] accept", IP(r), r.Method, r.URL)
if r.Method != m {
http.Error(w, "405 Method Not Allowed", http.StatusMethodNotAllowed)
return false

8
frontend/vben/mock/sys/user.ts
View File

@@ -143,7 +143,7 @@ export default [
return resultSuccess(codeList)
},
},
{
/*{
url: '/api/logout',
timeout: 200,
method: 'get',
@@ -156,13 +156,13 @@ export default [
}
return resultSuccess(undefined, { message: 'Token has been destroyed' })
},
},
{
},*/
/*{
url: '/api/testRetry',
statusCode: 405,
method: 'get',
response: () => {
return resultError('Error!')
},
},
},*/
] as MockMethod[]

6
frontend/vben/src/api/sys/model/userModel.ts
View File

@@ -66,6 +66,12 @@ export interface GetUserInfoModel {
avatar: string
// 介绍
desc?: string
// 创建日期
date: string
// 上次修改密码日期
last: string
// 电话
contact: string
}
export interface GetLoginSaltModel {

2
frontend/vben/src/components/Cropper/src/CopperModal.vue
View File

@@ -187,7 +187,7 @@
try {
setModalProps({ confirmLoading: true })
const result = await uploadApi({ name: 'file', file: blob, filename })
emit('uploadSuccess', { source: previewSource.value, data: result.url })
emit('uploadSuccess', { source: previewSource.value, data: result.data.result.url })
closeModal()
} finally {
setModalProps({ confirmLoading: false })

37
frontend/vben/src/views/page/settings/BaseSetting.vue
View File

@@ -8,8 +8,8 @@
<div class="change-avatar">
<div class="mb-2">头像</div>
<CropperAvatar
:uploadApi="uploadApi"
:value="avatar"
:uploadApi="onUpload as any"
:value="avatarRef"
btnText="更换头像"
:btnProps="{ preIcon: 'ant-design:cloud-upload-outlined' }"
@change="updateAvatar"
@@ -23,7 +23,7 @@
</template>
<script lang="ts">
import { Button, Row, Col } from 'ant-design-vue'
import { computed, defineComponent, onMounted } from 'vue'
import { ref, defineComponent, onMounted } from 'vue'
import { BasicForm, useForm } from '/@/components/Form/index'
import { CollapseContainer } from '/@/components/Container'
import { CropperAvatar } from '/@/components/Cropper'
@@ -31,7 +31,6 @@
import { useMessage } from '/@/hooks/web/useMessage'
import headerImg from '/@/assets/images/header.jpg'
import { accountInfoApi } from '/@/api/demo/account'
import { baseSetschemas } from './data'
import { useUserStore } from '/@/store/modules/user'
import { uploadApi } from '/@/api/sys/upload'
@@ -48,6 +47,7 @@
setup() {
const { createMessage } = useMessage()
const userStore = useUserStore()
const { avatar } = userStore.getUserInfo
const [register, { setFieldsValue }] = useForm({
labelWidth: 120,
@@ -56,27 +56,36 @@
})
onMounted(async () => {
const data = await accountInfoApi()
const data = userStore.getUserInfo
setFieldsValue(data)
})
const avatar = computed(() => {
const { avatar } = userStore.getUserInfo
console.log(avatar)
return avatar || headerImg
})
const avatarRef = ref(avatar || headerImg)
function updateAvatar({ src, data }) {
function updateAvatar({ src }) {
const userinfo = userStore.getUserInfo
userinfo.avatar = src
userStore.setUserInfo(userinfo)
console.log('data', data)
}
async function onUpload(value: { file: Blob; name: string }) {
const data = userStore.getUserInfo
const result = await uploadApi(
{
name: 'avatar',
file: value.file,
filename: data.username,
},
() => {},
)
avatarRef.value = result.data.url
return result
}
return {
avatar,
avatarRef,
register,
uploadApi: uploadApi as any,
onUpload,
updateAvatar,
handleSubmit: () => {
createMessage.success('更新成功!')

20
frontend/vben/src/views/page/settings/SecureSetting.vue
View File

@@ -23,14 +23,28 @@
import { List } from 'ant-design-vue'
import { defineComponent } from 'vue'
import { CollapseContainer } from '/@/components/Container/index'
import { secureSettingList } from './data'
import { useUserStore } from '/@/store/modules/user'
export default defineComponent({
components: { CollapseContainer, List, ListItem: List.Item, ListItemMeta: List.Item.Meta },
setup() {
const userStore = useUserStore()
const { last, contact } = userStore.getUserInfo
return {
list: secureSettingList,
list: [
{
key: '1',
title: '账户密码',
description: '上次修改密码: ' + last,
extra: '修改',
},
{
key: '2',
title: '我的手机',
description: '已绑定手机: ' + contact,
extra: '修改',
},
],
}
},
})

29
frontend/vben/src/views/page/settings/data.ts
View File

@@ -1,14 +1,5 @@
import { FormSchema } from '/@/components/Form/index'
export interface ListItem {
key: string
title: string
description: string
extra?: string
avatar?: string
color?: string
}
// tab的list
export const settingList = [
{
@@ -26,31 +17,15 @@ export const settingList = [
// 基础设置 form
export const baseSetschemas: FormSchema[] = [
{
field: 'name',
field: 'realName',
component: 'Input',
label: '昵称',
colProps: { span: 18 },
},
{
field: 'introduction',
field: 'desc',
component: 'InputTextArea',
label: '个人简介',
colProps: { span: 18 },
},
]
// 安全设置 list
export const secureSettingList: ListItem[] = [
{
key: '1',
title: '账户密码',
description: '上次修改密码: 2022年1月1日0时0分0秒',
extra: '修改',
},
{
key: '2',
title: '我的手机',
description: '已绑定手机: 138****8293',
extra: '修改',
},
]

3
frontend/vben/types/store.d.ts vendored
View File

@@ -30,6 +30,9 @@ export interface UserInfo {
desc?: string
homePath?: string
roles: RoleInfo[]
date: string
last: string
contact: string
}
export interface BeforeMiniState {

1
go.mod
View File

@@ -7,6 +7,7 @@ require (
github.com/FloatTech/ttl v0.0.0-20220715042055-15612be72f5b
github.com/RomiChan/syncx v0.0.0-20221202055724-5f842c53020e
github.com/fumiama/go-base16384 v1.6.4
github.com/fumiama/imgsz v0.0.2
github.com/sirupsen/logrus v1.9.0
)

2
go.sum
View File

@@ -11,6 +11,8 @@ github.com/fumiama/bigfft v0.0.0-20211011143303-6e0bfa3c836b h1:Zt3pFQditAdWTHCO
github.com/fumiama/bigfft v0.0.0-20211011143303-6e0bfa3c836b/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
github.com/fumiama/go-base16384 v1.6.4 h1:rYDRwD/th2cG4U7QLokpzmST1cCxZGXtHmolOUePt5o=
github.com/fumiama/go-base16384 v1.6.4/go.mod h1:OEn+947GV5gsbTAnyuUW/SrfxJYUdYupSIQXOuGOcXM=
github.com/fumiama/imgsz v0.0.2 h1:fAkC0FnIscdKOXwAxlyw3EUba5NzxZdSxGaq3Uyfxak=
github.com/fumiama/imgsz v0.0.2/go.mod h1:dR71mI3I2O5u6+PCpd47M9TZptzP+39tRBcbdIkoqM4=
github.com/fumiama/sqlite3 v1.20.0-with-win386 h1:ZR1AXGBEtkfq9GAXehOVcwn+aaCG8itrkgEsz4ggx5k=
github.com/fumiama/sqlite3 v1.20.0-with-win386/go.mod h1:Os58MHwYCcYZCy2PGChBrQtBAw5/LS1ZZOkfc+C/I7s=
github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=

10
main.go
View File

@@ -10,7 +10,6 @@ import (
"github.com/sirupsen/logrus"
"github.com/fumiama/paper-manager/backend/api"
"github.com/fumiama/paper-manager/backend/file"
)
func line() int {
@@ -26,14 +25,15 @@ func main() {
flag.Parse()
l, err := net.Listen("tcp", *addr)
if err != nil {
logrus.Errorln("[net.Listen]\t", err)
logrus.Errorln("[net.Listen]", err)
os.Exit(line())
}
http.HandleFunc("/api/", api.Handler)
http.HandleFunc("/file/", file.Handler)
http.HandleFunc("/file/", api.FileHandler)
http.HandleFunc("/upload", api.UploadHandler)
logrus.Infoln("[http.Serve]\t start at", l.Addr())
logrus.Errorln("[http.Serve]\t", http.Serve(l, nil))
logrus.Infoln("[http.Serve] start at", l.Addr())
logrus.Errorln("[http.Serve]", http.Serve(l, nil))
os.Exit(line())
}